DETAILED ACTION

1. Claims 1-38 are pending in this application.

Claim Objections 

2. Regarding claim 1, on page 2, the Examiner interprets the limitation "a kerberos
service model, wherein said plurality of nodes" as "a Kerberos service model: wherein 
said plurality of nodes". Appropriate correction is required. 

Claim Rejections - 35 USC § 103 

3. The following is a quotation of 35 U.S.C. 103(a) which forms the basis for all
obviousness rejections set forth in this Office action: 

(a) A patent may not be obtained though the invention is not identically disclosed or described as set 
forth in section 102 of this title, if the differences between the subject matter sought to be patented and
the prior art are such that the subject matter as a whole would have been obvious at the time the 
invention was made to a person having ordinary skill in the art to which said subject matter pertains. 
Patentability shall not be negatived by the manner in which the invention was made. 

4. Claims 1-3, 7-8, 11-14, 18, 22-24, 29-30, 32-34, 36 and 38 are rejected under 35
U.S.C. 103(a) as being unpatentable over Juitt et al. (US 7042988) (hereinafter Juitt)
in view of Doshi et al. (US 6130875) (hereinafter Doshi).

5. Regarding claim 1, Juitt discloses a distributed authentication infrastructure
including a plurality of nodes in communication with each other, each of said plurality of
nodes having an identification and intended to perform a series of functions, one of said
series of functions for verifying said identification of said plurality of nodes (Juitt: see
figure 1A items 102 a-c); and a centralized authentication infrastructure integrated into
said distributed authentication infrastructure and including a central server, said central
server being coupled to said plurality of nodes and being utilized for verifying said
identification of said plurality of nodes (Juitt: see figure 1A item 117); wherein said
distributed authentication infrastructure is initially implemented and said centralized 
authentication infrastructure is later integrated into said distributed authenticated 
infrastructure; wherein said distributed authentication infrastructure is selected from the 
group consisting of a threshold cryptography service model and a web-of-trust service 
model; wherein said centralized authentication system is selected from the group 
consisting of a public key infrastructure and a Kerberos service model; wherein said 
plurality of nodes include at least one of a personal digital assistant, a digital pager, a 
digital fax machine, a video teleconferencing device, a wireless telephone, a portable
computer, a desktop computer, and a communication device (Juitt: see figure 1 and 
column 14 lines 57-67 and column 15 lines 1-3). 

Juitt does not explicitly disclose a centralized infrastructure integrated into said 
distributed authentication infrastructure. Doshi discloses a centralized infrastructure 
integrated into said distributed authentication infrastructure (Doshi: see figure 6 and 
Abstract section). Therefore, it would have been obvious to one of ordinary skill in the art
to apply the teaching of a hybrid centralized/distributed of Doshi into the method of Juitt 
to prevent the scalability and bottleneck problems typically associated with fully 
centralized approaches (Doshi: column 34 lines 44-46). 

6. Regarding claims 2 and 36, Juitt further discloses wherein said plurality of nodes 
includes a verifying node coupled to a new entity for verifying the identification of said 
new entity and enrolling said new entity into the hybrid authentication system (Juitt:
column 15 lines 4-17). 

7. Regarding claim 3, Juitt further discloses wherein said new entity provides said
verifying node with at least one predetermined credential (Juitt: column 9 lines 53-61). 

8. Regarding claims 7 and 11, Juitt further discloses wherein said central server is
said new entity (Juitt: see figure 1A). 

9. Regarding claim 8, Juitt further discloses wherein said distributed authentication 
infrastructure requires a quorum of said plurality of nodes for enrolling a new entity into 
the hybrid authentication system (Juitt: column 3 lines 50-61). 

10. Regarding claim 12, Juitt further discloses wherein said central server is coupled 
to a new entity and is utilized for verifying the identification of said new entity and 
enrolling said new entity into the hybrid authentication system, said central server 
producing a log for recording a plurality of failed authentications and a plurality of failed 
enrollments by said plurality of nodes (Juitt: column 3 lines 50-61 and column 12 lines 
61-67 and column 13 lines 1-12). 

11. Regarding claim 13, Juitt further discloses wherein said central server is coupled
to said plurality of nodes for at least one of issuing a global directive thereto and 
bolstering said plurality of nodes by assisting with at least one of an enrollment task, an 
authentication task, and a permission granting task (Juitt: column 16 lines 37-57 and 
column 3 lines 50-61). 

12. Regarding claims 14 and 31, Juitt further discloses wherein said global directive
includes at least one of a rekey instruction and a critical trust chain path, said rekey
instruction and said critical trust chain path for providing a secured data transfer line
(Juitt: see figure 1A item 125 (i.e., authentication server)). 

13. Regarding claims 18 and 22, Juitt further discloses wherein said second node is
coupled to a trusted third party node from said plurality of nodes, said second node 
producing an authentication task signed by said first node and sending said 
authentication task to said trusted third party node, said trusted third party node 
verifying said identification of said first node (Juitt: see figure 2). 

14. Regarding claim 23, this claim has limitations that are similar to those of claim 1,
thus it is rejected with the same rationale applied against claim 1 above.

15. Regarding claim 24, this claim has limitations that are similar to those of claim 1,
thus it is rejected with the same rationale applied against claim 1 above.

16. Regarding claim 29, this claim has limitations that are similar to those of claim 1,
thus it is rejected with the same rationale applied against claim 1 above.

17. Regarding claim 30, Juitt further discloses wherein said central server is coupled
to said plurality of nodes for at least one of issuing a global directive thereto and
supporting said plurality of nodes by assisting with at least one of an enrollment task, an
authentication task, and a permission granting task (Juitt: column 3 lines 50-61 and
column 12 lines 61-67 and column 13 lines 1-12).

18. Regarding claim 32, this claim has limitations that are similar to those of claim 1,
thus it is rejected with the same rationale applied against claim 1 above. 

19. Regarding claim 33, Juitt further discloses wherein migrating comprises coupling
a central server to said plurality of nodes (Juitt: see figure 1A).

20. Regarding claim 34, Juitt further discloses coupling said central server to a
verifying node of said plurality of nodes; sending at least one predetermined credential 
from said central server to said verifying node; enrolling said central server into the 
hybrid authentication system (Juitt: see Abstract section and column 12 lines 61-67 and 
column 13 lines 1-12). 

21. Regarding claim 38, Juitt further discloses appointing said central server as a
proxy for a quorum of said plurality of nodes and for fulfilling an enrollment task; and 
enrolling said new entity into the hybrid authentication system (Juitt: see Abstract 
section and column 12 lines 61-67 and column 13 lines 1-12). 

22. Claims 4-6, 9-10, 15-17, 19-21, 25-28, 35 and 37 are rejected under 35 
U.S.C. 103(a) as being unpatentable over Juitt in view of Doshi, further in view of 
Benantar (US 2003/0130947) (hereinafter Ben). 

23. Regarding claim 4, Juitt in view of Doshi does not explicitly disclose wherein said
verifying node signs a certificate related to said new entity. Ben discloses wherein said 
verifying node signs a certificate related to said new entity (Ben: column 1 paragraph 
[0012]). Therefore, it would have been obvious to one of ordinary skill in the art to apply
the teaching of the certificate of Ben into the method of Juitt in view of Doshi to have a 
method and system that simplifies the administrative processing associated with the 
trust paths that are required for valid use of digital certificates (Ben: paragraph [0011]).

24. Regarding claims 5, 17 and 20, Juitt in view of Doshi does not explicitly disclose
wherein said central server publishes a certificate revocation list, said verifying node 
examining said certificate revocation list for determining whether said certificate has 
been revoked. Ben discloses wherein said central server publishes a certificate
revocation list, said verifying node examining said certificate revocation list for 
determining whether said certificate has been revoked (Ben: paragraphs [0043, 0047 
and 0057]). Therefore, it would have been obvious to one of ordinary skill in the art to
apply the teaching of the certificate revocation list of Ben into the method of Juitt in view 
of Doshi to have a method and system that simplifies the administrative processing 
associated with the trust paths that are required for valid use of digital certificates (Ben: 
paragraph [0011]). 

25. Regarding claims 6, 10, 16 and 21, Juitt in view of Doshi does not explicitly
disclose wherein a quorum of said plurality of nodes publishes a certificate revocation 
list, said verifying node examining said certificate revocation list for determining whether 
said certificate has been revoked. Ben discloses wherein a quorum of said plurality of 
nodes publishes a certificate revocation list, said verifying node examining said 
certificate revocation list for determining whether said certificate has been revoked 
(Ben: paragraphs [0043, 0047 and 0057]). Therefore, it would have been obvious to
one of ordinary skill in the art to apply the teaching of the certificate revocation list of Ben
into the method of Juitt in view of Doshi to have a method and system that simplifies the 
administrative processing associated with the trust paths that are required for valid use 
of digital certificates (Ben: paragraph [0011]). 

26. Regarding claim 9, Juitt in view of Doshi does not explicitly disclose wherein each
node of said quorum utilizes a partial key for partially signing a certificate related to said 
new entity so as to provide said new entity with a full signature. Ben discloses wherein 
each node of said quorum utilizes a partial key for partially signing a certificate related
to said new entity so as to provide said new entity with a full signature (Ben: paragraphs 
[0008 and 0037]). Therefore, it would have been obvious to one of ordinary skill in the art
to apply the teaching of signing a certificate of Ben into the method of Juitt in view of 
Doshi to have a method and system that simplifies the administrative processing 
associated with the trust paths that are required for valid use of digital certificates (Ben: 
paragraph [0011]). 

27. Regarding claims 15 and 19, Juitt in view of Doshi does not explicitly disclose
wherein said plurality of nodes includes a first node and a second node coupled to said 
first node, said first node presenting a first certificate to said second node for 
authenticating said first node. Ben discloses wherein said plurality of nodes includes a 
first node and a second node coupled to said first node, said first node presenting a first 
certificate to said second node for authenticating said first node (Ben: paragraphs [0008 
and 0045]). Therefore, it would have been obvious to one of ordinary skill in the art to
apply the teaching of using a certificate of Ben into the method of Juitt in view of Doshi 
to have a method and system that simplifies the administrative processing associated 
with the trust paths that are required for valid use of digital certificates (Ben: paragraph 
[0011]). 

28. Regarding claims 25-27, Juitt in view of Doshi does not explicitly disclose wherein
said plurality of nodes is a plurality of members including a first member and a second 
member, said certificate authority issuing a first group certificate to said first member 
that provides said first member with a first permission level, said certificate authority 
issuing a second group certificate to said second member that provides said second
member with a second permission level. Ben discloses wherein said plurality of nodes 
is a plurality of members including a first member and a second member, said certificate 
authority issuing a first group certificate to said first member that provides said first 
member with a first permission level, said certificate authority issuing a second group 
certificate to said second member that provides said second member with a second 
permission level (Ben: see Abstract section). Therefore, it would have been obvious to 
one of ordinary skill in the art to apply the teaching of using a certificate of Ben into the
method of Juitt in view of Doshi to have a method and system that simplifies the 
administrative processing associated with the trust paths that are required for valid use 
of digital certificates (Ben: paragraph [0011]).

29. Regarding claim 28, Juitt further discloses wherein said first permission level is 
greater than said second permission level (Juitt: see figure 6). 

30. Regarding claims 35 and 37, Juitt in view of Doshi does not explicitly disclose
coupling said central server to a verifying node of said plurality of nodes; sending a 
certificate revocation list from said central server to said verifying node; enrolling said 
central server into the hybrid authentication system. Ben discloses coupling said central 
server to a verifying node of said plurality of nodes; sending a certificate revocation list 
from said central server to said verifying node; enrolling said central server into the 
hybrid authentication system (Ben: see Abstract section and paragraph [0043]). 
Therefore, it would have been obvious to one of ordinary skill in the art to apply the
teaching of using a certificate of Ben into the method of Juitt in view of Doshi to have a 
method and system that simplifies the administrative processing associated with the
trust paths that are required for valid use of digital certificates (Ben: paragraph [0011]).